From dac38246bd339cbad648c44e94beae09fa47a0d6 Mon Sep 17 00:00:00 2001
From: Martin d'Allens <martin@dallens.fr>
Date: Mon, 13 Jun 2016 12:09:54 +0200
Subject: [PATCH] Add "key-direction 1" to client .ovpn

Adding this setting avoids connection errors on some clients, when the .ovpn file is imported directly in Gnome NetworkManager.

Server logs:
    Authenticate/Decrypt packet error: packet HMAC authentication failed
    TLS Error: incoming packet authentication failed from ...

Client logs:
    nm-openvpn: TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
    nm-openvpn: TLS Error: TLS handshake failed

NetworkManager version: 1.2.0
openvpn version: OpenVPN 2.3.10
---
 bin/ovpn_getclient | 1 +
 1 file changed, 1 insertion(+)

diff --git a/bin/ovpn_getclient b/bin/ovpn_getclient
index d456441..3f516f4 100755
--- a/bin/ovpn_getclient
+++ b/bin/ovpn_getclient
@@ -35,6 +35,7 @@ get_client_config() {
 client
 nobind
 dev $OVPN_DEVICE
+key-direction 1
 remote-cert-tls server
 
 remote $OVPN_CN $OVPN_PORT $OVPN_PROTO